Pierluigi Paganini
January 27, 2023
A Dutch hacker who was arrested at the end of last year claims to have stolen the personal data of almost all Austrians. At the end of November 2022, the Amsterdam police arrested a 25-year-old man from Almere who is suspected of having stolen or traded the personal data of tens of millions of people […]
Pierluigi Paganini
January 27, 2023
Lexmark released a security firmware update to fix a remote code execution flaw, tracked as CVE-2023-23560, that impacts more than 100 printer models. Lexmark has released a security firmware update to address a remote code execution vulnerability, tracked as CVE-2023-23560, that impacts more than 100 printer models. The CVE-2023-23560 flaw is a server-side request forgery […]
Pierluigi Paganini
January 26, 2023
The U.K. National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. The U.K. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals. The UK agency reported ongoing spear-phishing […]
Pierluigi Paganini
January 26, 2023
A source code repository allegedly stolen by a former employee of the Russian tech giant Yandex has been leaked online. A Yandex source code repository allegedly stolen by a former employee of the Russian IT giant has been leaked on a popular cybercrime forum. The announcement published on BreachForums includes a magnet link to the alleged […]
Pierluigi Paganini
January 26, 2023
The leak site of the Hive ransomware gang was seized due to an international operation conducted by law enforcement in ten countries. The Tor leak site used by Hive ransomware operators has been seized as part of an international operation conducted by law enforcement in 10 countries. “The Federal Bureau of Investigation seized this site […]
Pierluigi Paganini
January 25, 2023
Zacks Investment Research (Zacks) disclosed a data breach, the security may have exposed the data of 820K customers. Zacks Investment Research (Zacks) disclosed a data breach, the security incident may have affected the personal information of its 820,000 customers. “On December 28, 2022, Zacks learned that an unknown third-party had gained unauthorized access to certain […]
Pierluigi Paganini
January 25, 2023
Google addressed six security vulnerabilities in its web browser Chrome, none of them actively exploited in the wild. Google released Chrome version 109.0.5414.119 for Mac and Linux and 109.0.5414.119/.120 for Windows to address a total of six vulnerabilities. Four of the addressed flaws were reported by external researchers that were awarded for more than $26,500 for their […]
Pierluigi Paganini
January 25, 2023
North Korea-linked TA444 group is behind a credential harvesting campaign targeting a number of industry verticals. Proofpoint researchers reported that North Korea-linked TA444 APT group (aka APT38, BlueNoroff, Copernicium, and Stardust Chollima) is behind a credential harvesting campaign targeting a number of industry verticals. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, […]
Pierluigi Paganini
January 25, 2023
Prestigious club Stade Français potentially endangered its fans for over a year after leaking its website’s source code. Stade Français is a professional rugby union club based in Paris. Founded in 1883 and competing in France’s premier rugby league, Top 14, it has established itself as one of the most successful teams in the country, […]
Pierluigi Paganini
January 25, 2023
Chinese threat actor tracked as DragonSpark targets organizations in East Asia with a Golang malware to evade detection. SentinelOne researchers spotted a Chinese-speaking actor, tracked as DragonSpark, that is targeting organizations in East Asia. The attackers employed an open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. “The threat […]
